package org.xt.filter;

import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Date;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;

import javax.servlet.http.HttpSession;

import org.nutz.ioc.Ioc;
import org.nutz.ioc.impl.PropertiesProxy;
import org.nutz.lang.Lang;
import org.nutz.log.Log;
import org.nutz.log.Logs;
import org.nutz.mvc.ActionContext;
import org.nutz.mvc.ActionFilter;
import org.nutz.mvc.Mvcs;
import org.nutz.mvc.View;
import org.nutz.mvc.view.JspView;
import org.nutz.mvc.view.UTF8JsonView;
import org.xt.entity.Admin;
import org.xt.entity.User;

import org.xt.constants.Const;
import org.xt.constants.Res;

/**
 * 授权过滤器
 * @author XiangTao
 *
 */
public class AuthCheckFilter implements ActionFilter{
	Log log = Logs.getLog(AuthCheckFilter.class);
	
	@Override
	public View match(ActionContext ac) {
		// TODO Auto-generated method stub
		String url = ac.getRequest().getRequestURI();
		if(url.endsWith(".xls")){
			return null;
		}
		if(url.endsWith(".html")){
			if(urlCheck(url)){
				return null;
			}
			JspView view = checkSession(ac);
			return view;
		}else if(url.endsWith(".api")){
			return checkIsHavePermission(ac);
		}else{
			JspView view = new JspView("jsp.dataSummary.autolist1");
			return view;
		}
	}
	
	/**
	 * 检查是否有权限访问api接口
	 * @param ac
	 * @return json视图
	 */
	private View checkIsHavePermission(ActionContext ac) {
		// TODO Auto-generated method stub
		String url = ac.getRequest().getRequestURI();
		String authKey = ac.getRequest().getHeader(Const.AUTH_KEY);
		String authSign = ac.getRequest().getHeader(Const.AUTH_SIGN);
		if(checkKey(authKey, authSign)){
			HttpSession session = ac.getRequest().getSession();
			Admin admin = (Admin) session.getAttribute(Const.LOGIN_ADMIN_SIGN);
			if(admin != null){
				return null;
			}
			User member = (User) session.getAttribute(Const.LOGIN_USER_SIGN);
			if(checkUrl(member, url)){
				return null;
			}else{
				return getView(Res.NEW().code(Res.SUCCESS).msg("你没有权限访问此接口"));
			}
			
		}else{
			return getView(Res.NEW().code(Res.ERROR).msg("你没有权限访问该api接口"));
		}
	}

	/**
	 * 判断是否登录，如果登录，则继续，否则返回登录界面登录
	 * @param ac
	 * @return null 已经登录 JspView 还未登录
	 */
	private JspView checkSession(ActionContext ac) {
		HttpSession session = ac.getRequest().getSession();
		Object obj = null;
		String url = ac.getRequest().getRequestURI();
		if(url.contains("admin")){
			obj = session.getAttribute(Const.LOGIN_ADMIN_SIGN);
		}else{
			obj = session.getAttribute(Const.LOGIN_USER_SIGN);
		}
		
		if(obj != null){
			return null;
		}else{
			JspView view = new JspView("admin.login");
			return view;
		}
	}

	/**
	 * 检查url是否为配置文件里所配置的
	 * @param url
	 * @return true 是，false 不是
	 */
	private boolean urlCheck(String url) {
		// TODO Auto-generated method stub
		//过滤配置的url地址
		Ioc ioc = Mvcs.getIoc();
		PropertiesProxy urlfilter = ioc.get(PropertiesProxy.class, "urlfilter");
		List<String> keys = urlfilter.getKeys();
		for(String key : keys){
			String checkUrl = urlfilter.get(key);
			if(url.endsWith(checkUrl)){
				return true;
			}
		}
		return false;
	}
	
	/**
	 * 检查key和sign是否匹配
	 * @param key
	 * @param sign
	 * @return
	 */
	private boolean checkKey(String key, String sign){
		long time = System.currentTimeMillis() / 1000 / 60;
		key = Lang.md5(Lang.md5(key + time) + time);
		if(key.equals(sign)){
			return true;
		}
		return false;
	}
	/**
	 * 检查url是不是该用户可以访问的 ---还未实现
	 * @param member
	 * @param url
	 * @return
	 */
	private boolean checkUrl(User member, String url){
		
		return true;
	}
	/**
	 * 将Res返回到json视图
	 * @param res
	 * @return
	 */
	private View getView(Res res){
		UTF8JsonView view = new UTF8JsonView();
		view.setData(res);
		return view;
	}
}
